In the News (Sun 2 Aug 15)

This paper attempts to analyze the knapsack encryption/decryption scheme, survey major knapsack public-key cryptosystems developed in the past 20-some years, chronicle their rise and fall, and hopefully shed some light on the future of the knapsack cryptosystems.

Construct the cryptosystem such that decryption is essentially different for the cryptanalyst and the legitimate receiver.

As the trapdoor one-way function is the soul of a public-key cryptosystem, it is essential to understand the trapdoor one-way function used in a knapsack cryptosystem.

www.cecs.uci.edu /~mingl/knapsack.html (8138 words)

Cryptosystems and Keys

By definition, a cryptosystem is the combination of three elements: an encryption engine, keying information, and operational procedures for their secure use.

NOTE: A low-grade cryptosystem is one which an attacker can break by means of purely cryptanalytic attacks on the ciphertext it produces, but which may delay him long enough for the period of time during which the corresponding plaintext that it encrypted has value.

A medium-grade cryptosystem is one which cannot be broken in a useful time without the attacker possessing a copy of the encryption engine, which he can use in chosen plaintext attacks to help recover your key.

Rise of Private Cryptosystems

The cryptosystems of the past can be categorized into two types: codes and ciphers.

The indirect benefit, however, is that the release of PGP marked the opening of the floodgates of public use of cryptosystems.

Because most uses of encryption by the public today primarily benefit business and government interests, the main stakeholders in the control of private cryptosystems are still a vocal minority and not the public at large.

The key management problem arises from the fact that a symmetric cryptosystem, while providing protection to the data that have been encrypted, still requires that a key be exchanged secretly between any pair of communicating parties.

The solution made possible by a public key cryptosystem consists of a two-tiered arrangement, where the data to be communicated are encrypted using DEA (for example), and the DEA keys are encrypted using the public keys.

The best known exponentiation cryptosystem is the one proposed in 1978 by Rivest, Shamir, and Adleman (see Reference 5) usually referred to by their initials as RSA.

Our short secret key cryptosystems are based on the use of slowed down key generation, as advocated by Quisquater, et al.

The first contribution of this paper is the analysis of the security of short key cryptosystems and the tradeoffs between key length, amount of slowdown, and security.

The second contribution is the inclusion of an auxiliary, nonsecret key; which we argue is necessary to maintain security, and also allows a single short key to be used for multiple independently secure communication sessions, and to be used as a master key in key management protocols.

So, most cryptographic software will convert a passphrase into a key through a process called "hashing" or "key initialization." Avoid cryptosystems that skip this phase by using a password directly as a key.

Typically, in public key cryptosystems, the message to be sent is encrypted with a symmetric key that was specifically generated for that message.

The encrypted version of that message, as well as the associated session key can then be encrypted with the recipient's public key.

www.softrim.com /Encryption.asp (880 words)

Jukalanti

Old cryptosystems required communicating parties to keep the algorithm used to encrypt and decrypt messages secret from third parties.

The different attacks on cryptosystems are Cipher text-only attack, Known-plaintext attack, Chosen-plaintext attack, Man-in-the-middle attack, Correlation between the secret key and the output of the cryptosystem, Attack against or using the underlying hardware, Faults in cryptosystems, DNA cryptography.

Analysis of different attacks allows security practitioners to discover and correct potential security vulnerabilities and ensure that the cryptosystems are as secure as possible.

Abstract: This paper introduces a method of implementing secure cryptosystems which use short secret keys, as short as 40 bits or less.

The principal new component of short key cryptosystems is the use of a "slow one-way" function which converts a short secret key into an expanded key which can be used in a conventional (long key) cryptosystem.

Short key cryptosystems can be used as either public or private key cryptosystems.

www.math.ucsd.edu /~sbuss/ResearchWeb/shortkeycrypto (132 words)

Q31: What are Elliptic Curve Cryptosystems?

The lack of specialized attacks means that shorter key sizes for elliptic cryptosystems give the same security as larger keys in cryptosystems that are based on the discrete logarithm problem.

It is possible that algorithm development in this area will change the security of elliptic curve discrete logarithm cryptosystems to be equivalent to that of general discrete logarithm cryptosystems; this is an open research problem.

Elliptic curve analogs of RSA have been proposed, and they are based on the difficulty of factoring, just as RSA is. The elliptic curve analogs do not seem to offer any significant advantage over RSA, as the underlying problem is the same and the key sizes are similar for equivalent levels of security.

www.x5.net /faqs/crypto/q31.html (236 words)

8.8 Cryptosystems

As seen earlier, algebraic cryptosystems rely on explicit manipulations with finite abelian groups.

All the finite abelian groups that have been used as cryptosystems so far are specific K-groups of schemes with minor modifications.

Thus it would seem that a useful way of diversifying the collection of groups available for cryptosystems would be to study all K-groups of schemes.

A field is represented with an optimal normal basis, and a generator of a subgroup of the multiplicative group of the field is used to form a public key.

7A- I I D are charts showing the public key, private key, signature, and signature generation parameter k, for each of the public key cryptosystems in the examples used to obtain the performance results of Figs.

Depending on the type of application and implementation, public key encryption according to the cyclotomic scheme may be up to three times faster than schemes using more conventional choices of subgroups or finite fields.

The reasons for cryptosystem untrustworthiness can be divided into 4 main groups: application of weak algorithms, wrong implementation or application of cryptalgorithms, and the human factor.

Strong, mathematically tested and correctly implemented RNG is of great importance for cryptosystem as well as mathematically strong and correct cryptalgorithm, otherwise its shortcomings may influence overall cryptographic strength of the system.

PRNG application can be scarcely called a happy choice for cryptosystems, so strong cryptosystems use physical RNG (special board) for these purposes, or at least generate a number for PRNG initialization, with the use of physical values (time of user’s keystroke, for instance).

www.ssl.stu.neva.ru /psw/publications/crypto_eng.html (4345 words)

Suggesting Key Sizes for Cryptosystems

Dr Arjen K. Lenstra and Dr Eric R. Verheul have studied the strength of different kinds of cryptosystems.

r>0 is the number of months it is expected to take on average for cryptanalytic developments affecting classical asymmetric cryptosystems to become twice as effective, i.e.

c>=0 is the number of months it is expected to take on average for cryptanalytic developments affecting elliptic curve (EC) cryptosystems to become twice as effective, unless c=0, in which case no EC cryptanalytic progress is expected.

This paper describes a set of experimental programs that were developed to demonstrate that exponentiation cryptosystems can be efficiently implemented on the IBM Personal Computer (PC).

The items discussed include: the use of a specialized squaring procedure; a recursive splitting method to speed up squaring and multiplication; the computation of residues by using multiplication instead of division; the efficient encoding of residue information; and the use of thresholds to select the most effective primality testing algorithm for a given size number.

Finally, the paper discusses the advantages of a mixed system that combines the superior key management capabilities inherent in public key cryptosystems with the much higher bulk-encryption speed obtainable with the Data Encryption Algorithm.

Since Diffie and Hellman proposed in 1976 public key cryptosystems in their seminal paper on "New Directions in Cryptography" [DH76], cryptography has played an important role in the provision of security services to general commercial applications.

In this research, we will focus on cryptosystems in which the management of the security is shared between many atomic entities, we call such systems Multi-Authority Cryptosystems.

Long messages are enciphered using secret key cryptosystems which raises the problem of key distribution in which signature facilities are needed to certify the origin.

These cryptosystems greatly simplify the problem of establishing secure communication between any two users of the network without the necessity of exchanging secret keys between them in advance.

The RSA (Rivest, Shamir, Adleman) cryptosystem and a family of Elliptic Curve Cryptosystems (ECC) are two competing technologies for public key encryption.

The direct result of this research will be a set of recommendations regarding the standardization of a particular algorithm, depending on the requirements of a communication protocol and implementation medium.

Elliptic curves are a new, emerging class of public key cryptosystems that may successfully compete in the future with the current monopoly of the RSA cryptosystem.

The security of most elliptic curve cryptosystems is based upon the difficulty of solving a discrete logarithm problem in a group of points on the elliptic curve.

The security of RSA is based on the difficulty of factoring large integers, a problem for which quite efficient subexponential algorithms (such as Number Field Sieve) have been developed (see project CS-3).

bass.gmu.edu /crypto/student_projects/math.htm (698 words)

Public-Key Cryptosystems Based on 3rd-Order

Designing cryptosystems that meet requirements of communication bandwidth, information rate, computational speed, and various security strategies, has become a very challenging task for researchers.

In the most widely used modern cryptosystems, such as the RSA [18], the Diffie-Hellman public-key distribution scheme [3], the ElGamal cryptosystem [5] and DSS [16], increasing the size of the modulus is necessary in order to strengthen their security.

In the literature, there is another family of public-key cryptosystems similar to RSA, DH, and ElGamal public-key cryptosystems, which are called the Dickson polynomial scheme [13, 14, 15] or LUC [20, 21], respectively.

Instead, we simply wish to emphasize that it is easy to generate and multiply large prime numbers but it is not generally possible to factor the resulting answer in reasonable time; that is, integer multiplication appears to be a one-way function.

These two problems are intrinsically different and each of them leads to a public-key cryptosystem.

This is the first example of a public-key cryptosystem with provable security against a passive adversary who can only eavesdrop.

The book examines various issues which arise in the secure and efficient implementation of elliptic curve systems. "Elliptic Curve Public Key Cryptosystems" is a valuable reference resource for researchers in academia, government and industry who are concerned with issues of data security.

Explores how elliptic curves can be the basis of cryptosystems that potentially provide as much security as the existing public key schemes, only with shorter key lengths.

www.powells.com /biblio?isbn=0792393686 (329 words)

Trapdoor Cryptosystems

In this section, we will show how to apply the ideas in the previous section to intentionally embed a trapdoor in an iterated cryptosystem.

The main idea is that while it is computationally difficult in general to detect the presence of iterative characteristics, it is relatively easy, for certain characteristics, to synthesize a cryptosystem which preserves a given characteristic with high probability.

We do not have the ability to claim that the cryptosystem constructed here has a trapdoor which is, in practice, infeasible to identify (for example, that the various parameters have been selected in an appropriate way).

Abstract: The heart of the task of building public key cryptosystems is viewed as that of "making trapdoors;" in fact, public key cryptosystems and trapdoor functions are often discussed as synonymous.

In this paper we endeavor to get a better understanding of the nature of "trapdoorness" and its relation to public key cryptosystems, by broadening the scope of the investigation: we look at general trapdoor functions; that is, functions that are not necessarily injective (i.e., one-to-one).

Our first result is somewhat surprising: we show that non-injective trapdoor functions (with super-polynomial pre-image size) can be constructed from any one-way function (and hence it is unlikely that they suffice for public key encryption).